Frod - what is it? A new type of information technology fraud

One of the most dangerous property crimes is fraud. There are several articles in the criminal law dedicated to him.

The general composition of the assault is provided for in article 159 of the Criminal Code of the Russian Federation . The norm establishes penalties for unlawful acts with physical objects or property rights. Article 159 of the Criminal Code provides for qualified and highly qualified compositions. In Art. 159.6 established punishment for acts in the field of computer information. Meanwhile, a new type of fraud, fraud, has recently become widespread. Responsibility for it in the Criminal Code is not provided.

Let us further consider the features of the fraud: what is it , is it possible to fight it.

Definition

The word fraud in English means fraud. Its essence is unauthorized actions, unauthorized use of services and resources in communication networks. Simply put, this is a form of information technology fraud .

The ways of committing a crime are different. Currently, more than 50 different theft methods are known in communication networks.

Analyzing the cases that have taken place in practice, we can say that fraud is a crime for which it is very difficult to bring to justice.

Classification

An attempt to isolate fraud species was made in 1999 by F. Gosset and M. Highland. They were able to identify 6 main types:

1. Subscription fraud - contract fraud. It is a deliberate indication of incorrect data when concluding a contract or non-fulfillment by a subscriber of payment conditions. In this case, the subscriber does not initially plan to fulfill his obligations under the contract or at some point refuses to fulfill them.
2. Stolen fraud - use a lost or stolen phone.
3. Access fraud. Translation of access is access. Accordingly, the crime is the unlawful use of services through the reprogramming of identification and serial numbers.
4. Hacking fraud - hacking fraud. It represents an entry into the security system of a computer network in order to remove security tools or change the system configuration for unauthorized use.
5. Technical fraud - technical fraud. It involves the unlawful manufacture of payment telephone cards with fake identifiers of subscribers, payment marks, numbers. Intra-corporate fraud is of the same type. In this case, the attacker has the opportunity to use communication services at a low price due to illegal access to the corporate network. It is believed that such fraud is the most dangerous act, since it is quite difficult to identify it.
6. Procedural fraud - procedural fraud. Its essence lies in unlawful interference in business processes, for example, in billing, to reduce the amount of payment for services.

Later, this classification was greatly simplified; All methods were combined into 4 groups: procedural, hacker, contract, technical fraud.

Main types

It must be understood that fraud is a crime whose source can be anywhere. In this regard, the issue of threat identification is of particular relevance . In accordance with this, the following three types of fraud are distinguished:

• internal;
• camera;
• subscriber.

Consider their main features.

Subscriber fraud

The most common actions are:

• Simulations of alarms using special devices that allow you to make long-distance / international calls, including from pay phones.
• Physical connection to the line.
• Creation of an illegal point of contact through a hacked telephone exchange.
• Carding - emulation of phone cards or illegal actions with prepaid cards (for example, replenishment by fraud).
• Deliberate refusal to pay for telephone calls. This option is possible if the services are provided on credit. As a rule, mobile operators providing roaming services become victims of cybercriminals when information between operators is delayed.
• Cloning of handsets, SIM cards. Cell scammers get the opportunity to make calls in any direction for free, and the bill will come to the owner of the cloned SIM card.
• Using the phone as a call center. Such actions are carried out in those places where there is a demand for communication services : at airports, at railway stations, etc. The essence of fraud is as follows: SIM cards are purchased for the found / stolen passport, the tariffs for which provide for the possibility of generating debt. For a small fee, guests are invited to call. This continues until the number is blocked for the resulting debt. No one is going to repay it, of course.

Camera Fraud

Often it is expressed in the organization of very intricate schemes associated with the exchange of traffic on networks. Among the most common illegal actions are the following:

• Intentional misrepresentation. In such cases, an unscrupulous operator configures the switch so that it is possible to lie calls through another unsuspecting operator.
• Multiple call returns. As a rule, such a “loop” occurs when there are differences in the tariffication of operators when transferring calls between them. An unscrupulous operator returns the call to the outgoing network, but through a third party. As a result, the call returns again to the unscrupulous operator, who can send it again along the same chain.
• Landing traffic. This type of fraud is also called “tunneling”. It takes place when an unscrupulous operator sends its traffic to the network via VoIP. For this, an IP telephony gateway is used.
• Traffic diversion. In this case, several schemes are created that provide for the illegal provision of services at reduced prices. For example, 2 unscrupulous operators enter into an agreement to generate additional income. However, one of them does not have a license to provide communication services. Under the terms of the agreement, the parties stipulate that an entity that does not have permission will use the partner’s network as a transit network for passing and pouring its traffic into the third-party network - the victim operator.

Inner fraud

It involves the actions of communication company employees related to traffic theft. An employee, for example, can use his official position to make illegal profits. In this case, the motive for his actions is self-interest. It also happens that an employee intentionally causes damage to a company, for example, due to a conflict with management.

Internal fraud can be committed by:

• Concealment of a part of information on switching devices. The equipment can be configured so that for some routes information about the services rendered will not be recorded or will be entered into an unused port. It is extremely difficult to detect such actions, even when analyzing the data of the billing network, since it does not receive primary information about the connections.
• Concealment of a part of data on equipment of billing networks.

Friendly fraud

This is a fairly specific fraud scheme. It is associated with shopping online.

Clients place an order and pay for it, as a rule, by bank transfer from a card or account. They then initiate a refund, arguing that the payment instrument or account information was stolen. As a result, the funds are returned, and the purchased goods remain with the attacker.

Practical difficulties

As practice shows, attackers use several fraud methods at once. After all, in fact, who are the fraudsters ? These are people well versed in information technology.

In order not to be caught, they develop various schemes, which are often almost impossible to unravel. This is achieved just by applying several illegal models simultaneously. At the same time, some method can be used to direct law enforcement agencies on a false trail. Often, fraud monitoring also does not help.

Today, most experts come to a single conclusion that it is impossible to make an exhaustive list of all types of telecommunication fraud. This is understandable. First of all, technologies do not stand still: they are constantly developing. Secondly, it is necessary to take into account the specifics of this area of ​​criminal activity. Telecommunication fraud is closely related to the implementation of specific services of certain telecom operators. Accordingly, in addition to general difficulties, each company will have its own specific problems specific to it.

General principles of struggle

Any operator should be aware of existing types of telecommunications fraud. Classification helps streamline crime prevention activities.

The most common is the division of fraud into functional areas:

• roaming;
• transit;
• SMS fraud;
• VoIP fraud;
• PRS fraud.

At the same time, classification does not make it easier for the operator to solve the problem of providing protection against fraud. For example, a transit fraud involves the implementation of a huge number of fraudulent schemes. Despite the fact that all of them are, to one degree or another, related to the provision of one service - traffic transit, they are identified using completely different tools and methods.

Alternative classification

Given the complexity of the problem, when planning fraud monitoring activities, operators should use a typology of fraudulent schemes in accordance with the methods for their detection and detection. This classification is presented as a limited list of fraud classes. Any arising, including previously unaccounted for fraud scheme, the operator can attribute to any class, depending on the method used to disclose it.

The starting point for such a division will be the idea of ​​any model as a combination of 2 components.

The first element is the "pre-ford state." It involves a certain situation, a combination of conditions that arose in the system settings, in business processes, favorable for the implementation of a fraudulent scheme.

For example, there is such a model as “phantom subscribers”. These entities gained access to services, but are not registered in the billing system. This phenomenon is called the "pre-fraud state" - data out of sync between network elements and accounting systems. This, of course, is not fraud. But with this out of sync, it could very well be implemented.

The second element is the "fraud event", that is, the action for which the scheme is organized.

If we continue to consider "phantom subscribers", the action will be SMS, call, traffic transit, data transfer, committed by one of these subscribers. Due to the fact that it is absent in the billing system, services will not be paid.

Fraud and GSM

Technical telecommunications fraud poses many challenges.

First of all, instead of a controlled and legitimate connection, mailings are carried out from an incomprehensible device. The situation is complicated by the fact that the content of messages cannot be moderated (checked).

Secondly, in addition to losses from unpaid mailings, the operator increases direct costs for expanding the network due to the increased load on the devices due to illegal signal traffic.

Another problem is the difficulty in offsetting between operators. Of course, no one wants to pay for pirated traffic.

This problem has become rampant. To overcome this situation, the GSM Association has developed several documents. They disclose the concept of SMS fraud, give recommendations on the main methods of its detection.

One of the reasons for the spread of SMS fraud, experts call the untimely update of the phone OS. According to statistics, a large number of users do not want to buy a new phone until the device used fails. Because of this, more than half of the devices use older software, which, in turn, has gaps. They are used by scammers to implement their schemes. Meanwhile, modern versions have their own vulnerabilities.

You can fix the problem by updating the system to the latest version and running the application that identifies vulnerabilities.

It must be remembered that attackers do not share mobile and fixed communications. Fraud schemes can be implemented on any vulnerable network. Fraudsters study the features of both connections, identify similar gaps and penetrate them. Of course, the threat cannot be completely ruled out. However, eliminating the most obvious vulnerabilities is quite possible.